cve/CVE-2023-4104.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN client for Linux < v2.16.1.

POC

Reference

https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110

Github

https://github.com/aobakwewastaken/aobakwewastaken
https://github.com/kherrick/hacker-news

1014 B Raw Blame History

CVE-2023-4104

Description

POC

Reference

Github

1014 B

Raw Blame History